|
@matalaz | |||||
|
Who would have thought such an scenario would be possible, eh?
"Chinese hackers have used a zero-day in the Trend Micro OfficeScan antivirus during their attacks on Mitsubishi Electric"
zdnet.com/article/trend-…
|
||||||
|
||||||
|
|
Joxean Koret
@matalaz
|
26. sij |
|
I remember in 2014 that many AV companies said that attackers exploiting AVs were fairy tales. Lol.
|
||
|
||
|
joernchen
@joernchen
|
26. sij |
|
Classy bug: ZIP traversal to RCE. <3
|
||
|
|
||
|
|
Joxean Koret
@matalaz
|
26. sij |
|
Yeah xD
|
||
|
|
||
|
Ronny
@RonnyTNL
|
26. sij |
|
Maybe someone should write a book about this ;)
|
||
|
|
||
|
|
Joxean Koret
@matalaz
|
27. sij |
|
Haha
|
||
|
|
||
|
bibbleco
@bibbleco
|
26. sij |
|
If only a security researcher had taken a good thorough look at a range of modern AV and found they're mostly pretty shit a few years ago, we might not be in this mess today!
|
||
|
|
||
|
mitchparkerciso
@mitchparkerciso
|
26. sij |
|
Unfortunately most companies kept their heads in the sand over this. We knew certain vendors were being targeted years ago.
|
||
|
|
||
|
Daniel Cuthbert
@dcuthbert
|
26. sij |
|
And again showing that one doesn't target the org directly but via suppliers and trusted partners. Hit them hard, go in via legit channels such as VPNs and other legacy tech.
|
||
|
|
||
|
Rev.1D10T DD(h.c)
@1D10T1
|
27. sij |
|
No one is free or 100% protected from new attacks by just one layee of security..... Its time to implement our type of sec with your own team of kickass hackers....
|
||
|
|
||